Sawmill stores the following non-numerical fields in its database for Checkpoint Firewall-1 (fw log -ftn export), generates reports for each field, and allows dynamic filtering on any combination of these fields:

Field

Internal Name

date/time

date_time

day of week

day_of_week

hour of day

hour_of_day

action

action

host

host

interface

interface

product

product

source

source

source port

source_port

destination

destination

protocol

protocol

service

service

rule

rule

Rule UID

rule_uid

message info

message_info

SmartDefense

smart_defense

segment_time

segment_time

service ID

service_id

start time

start_time

server_outbound_interface

server_outbound_interface

user

user

Sawmill stores the following numerical fields in its database for Checkpoint Firewall-1 (fw log -ftn export), aggregating them and including them as columns in most reports:

Numerical Field

Internal Name

accesses

accesses

bytes

bytes

packets

packets

Client Inbound Bytes

client_inbound_bytes

Client Inbound Packets

client_inbound_packets

Client Outbound Bytes

client_outbound_bytes

Client Outbound Packets

client_outbound_packets

elapsed

elapsed

Server Inbound Bytes

server_inbound_bytes

Server Inbound Packets

server_inbound_packets

Server Outbound Bytes

server_outbound_bytes

Server Outbound Packets

server_outbound_packets

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Checkpoint Firewall-1 (fw log -ftn export) reports.